auth

package
v0.2.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 13, 2021 License: MIT Imports: 11 Imported by: 0

README

Auth package

The CLI authentication follows this approach:

  1. $ auth0 login uses Auth0 Device Flow to get an acccess token and a refresh token for the selected tenant.
  2. The access token is stored at the configuration file.
  3. The refresh token is stored at the OS keychain (supports macOS, Linux, and Windows thanks to https://github.com/zalando/go-keyring).
  4. During regular commands initialization, the access token is used to instantiate an Auth0 API client. - If the token is expired according to the value stored on the configuration file, a new one is requested using the refresh token. - In case of any error, the interactive login flow is triggered.

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Authenticator 

type Authenticator struct {
	Secrets SecretStore
}

func (*Authenticator) Start 

func (a *Authenticator) Start(ctx context.Context) (State, error)

Start kicks-off the device authentication flow by requesting a device code from Auth0, The returned state contains the URI for the next step of the flow.

func (*Authenticator) Wait 

func (a *Authenticator) Wait(ctx context.Context, state State) (Result, error)

Wait waits until the user is logged in on the browser.

type Keyring 

type Keyring struct{}

func (*Keyring) Delete 

func (k *Keyring) Delete(namespace, key string) error

Delete deletes a value for the given namespace and key.

func (*Keyring) Get 

func (k *Keyring) Get(namespace, key string) (string, error)

Get gets a value for the given namespace and key.

func (*Keyring) Set 

func (k *Keyring) Set(namespace, key, value string) error

Set sets the given key/value pair with the given namespace.

type Result 

type Result struct {
	Tenant      string
	Domain      string
	AccessToken string
	ExpiresIn   int64
}

type SecretStore 

type SecretStore interface {
	// Set sets the secret
	Set(namespace, key, value string) error
	// Get gets the secret
	Get(namespace, key string) (string, error)
	// Delete removes the secret
	Delete(namespace, key string) error
}

SecretStore provides secure storage for sensitive data

type State 

type State struct {
	DeviceCode      string `json:"device_code"`
	UserCode        string `json:"user_code"`
	VerificationURI string `json:"verification_uri_complete"`
	ExpiresIn       int    `json:"expires_in"`
	Interval        int    `json:"interval"`
}

func (*State) IntervalDuration 

func (s *State) IntervalDuration() time.Duration

type TokenResponse 

type TokenResponse struct {
	AccessToken string `json:"access_token"`
	IDToken     string `json:"id_token"`
	TokenType   string `json:"token_type"`
	ExpiresIn   int    `json:"expires_in"`
}

type TokenRetriever 

type TokenRetriever struct {
	Secrets SecretStore
	Client  *http.Client
}

func (*TokenRetriever) Delete 

func (t *TokenRetriever) Delete(tenant string) error

Delete deletes the given tenant from the secrets storage.

func (*TokenRetriever) Refresh 

func (t *TokenRetriever) Refresh(ctx context.Context, tenant string) (TokenResponse, error)

Refresh gets a new access token from the provided refresh token, The request is used the default client_id and endpoint for device authentication.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.